ANDROIDOS_ADMDASH.HRX
Android
Threat Type: Adware
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This is the Trend Micro detection for the SDK found in possibly thousands of apps once hosted in Google Play. Most of these apps have been since removed.
To get a one-glance comprehensive view of the behavior of this Adware, refer to the Threat Diagram shown below.
TECHNICAL DETAILS
NOTES:
This malware family contains an ad SDK named MDash, which delivers ads to end user and can potentially deliver malware.
Once executed, this adware installs shortcuts and a browser homepage for some ads. According to the remote configuration, the ads start after a 288,000 second delay.
This adware displays ads every time the user unlocks his phone. The adware also sets up alarms to check and start itself every 15 minutes.
This adware collects information about the installed apps on the device and sends the information to the remote server to deploy ads promoting apps similar to the ones installed.
There are several types of ads supported by the SDK, including the following:
- Alert – shows the ad in an alert dialogue box
- Recommendation – presented as a recommendation by someone in the user’s contact list
- Link – presents a pop-up message, that when clicked, opens the browser to display the ad
- SDK – loads other popular ad SDKs to show ads
This adware has the ability to make calls in the background without user consent. Furthermore, the SDK contains code to delete the device's call history to hide the suspicious activity.
SOLUTION
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android and iOS smartphones and tablets from malicious and Trojanized applications. It blocks access to malicious websites, increase device performance, and protects your mobile data. You may download the Trend Micro Mobile Security apps from the following sites:
Did this description help? Tell us how we did.